Documents in Wrench SmartProject are categorised under various “genealogies” depending on type and security context of the documents. Each genealogy can be assigned with strict security policies so that the documents contained in each are accessible only to the designated users.
Platform / Technology
Technology architecture of Wrench SmartProject
WRENCH SmartProject™ is a SAAS platform hosted on Azure® Platform and is governed by Microsoft® security policies. We have four layers in our architecture, which are secured as follows
- Application layer – secured by Access Controls, Active Directory Login Synchronizations, Two Factor Authentications.
- Database layer – secured data at REST encryptions
- Vault Layer – secured by file encryption method
- Web Layer – secured by https for data in motion
Loosely coupled Architecture
User access is controlled using conventional login credentials. Each Wrench SmartProject user is provided with exclusive login names and strong passwords to offer primary access control. To extend this further, Wrench SmartProject user access control system can be integrated with Windows federation services, so that in addition to enhanced security, it can offer single sign-on.
Information in each project can be restricted to the resources assigned to work on the project. The project plan, documents handled in the project etc. can be brought under the security cover of this mechanism.
Content is protected at various levels of storage and transit.
Critical information preserved in MS SQL Data repository of Wrench SmartProject, such as user passwords is encrypted using strong ‘Cypher’ encryption algorithms.
‘Vault’ is a disk folder where Wrench SmartProject keeps all the documents. In most deployment scenario, it is possible to prevent direct access to the vault folder by means of network security implementations. In the event of additional precautions are required for high security documents, such documents stored in each ‘genealogy’ of Wrench SmartProject can be protected by encrypting them so that they remain protected even if they are accessed directly -though unlikely- from Wrench SmartProject vault.
Data on transit between the Wrench SmartProject server and client are compressed using passwords to offer it security from intrusions on the communication pipe. For additional security, Wrench SmartProject may be deployed over HTTPS (with SSL). Wrench SmartProject application is immunised against intrusions and vulnerabilities as specified in the ‘OWASP’ top 10 classification.
Further, secure your project content at recipient level (for clients, vendors or contractors etc) by enabling two-factor authentication by enabling One Time Password (OTP) to registered users mobile
In most scenario, it is sufficient to protect Wrench SmartProject using the access rules in a firewall. The native access control and content security facilities in Wrench SmartProject offers optimum cost-security ratio. But in high security scenario, Wrench SmartProject can be deployed in a variety of ways to secure the system to the desired extent. When security offered by a single firewall is not adequate, the system can be deployed over a DMZ.
WRENCH Solutions(P) Ltd. Is a Microsoft Partner with ISV (Gold) competency in application development for Microsoft® platforms. When it comes to deploying Wrench SmartProject on managed cloud, Microsoft® Azure® is the primary choice. Microsoft® Azure® runs in datacenters managed and operated by Microsoft. These geographically dispersed datacenters comply with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53, for security and reliability. The datacenters are managed, monitored, and administered by Microsoft® operations staff. The operations staff has years of experience in delivering the world’s largest online services with 24 x 7 continuity.
More story at https://docs.microsoft.com/en-us/azure/security/azure-security-infrastructure
Apart from Microsoft® Azure® cloud, Wrench SmartProject can be deployed on any other cloud service of choice.